ATM hackers seem to target older machines

PETALING JAYA: Banks which were hit by the spate of fraudulent withdrawals from automated teller machines (ATM) were those which still have older machines without up-to-date anti-virus software.
Apparently, all the banks which were targeted for the fraudulent withdrawal of about RM3 million so far, were those using older generation ATMs.
Police sources today confirmed that ATMs targeted thus far were all from a company which still supplies ATMs that have not been upgraded with anti-virus software.
Preliminary investigations showed that the fraudulent ATM withdrawals were executed with the use of a handheld electronic hacking device and a mobile phone SIM card.
With the equipment, the hackers planted a computer virus known as "ulssm.exe" into the ATM to corrupt its security system and make the machine dispense money.
It is understood that while most banks have new generation ATMs, there are still an undisclosed number of older generation ATMs which are not equipped with software to counter such virus attacks.
Following these attacks which at last count involved more than 15 bank branches of Affin Bank, Al Rajhi Bank and Bank Islam in Selangor, the Federal Territory, Johor Baru and Malacca, it is understood that banks with these old generation ATMs have opted to shut down the machines altogether in an effort to safeguard themselves against the attacks.
The fraudulent withdrawals involved physical cash payouts from the machines alone and do not affect any bank customers accounts.
The Association of Banks in Malaysia (ABM) In a statement today assured the public that customer account balances and information have not been compromised in the reported ATM heists, adding that member banks with ATM networks are collaborating closely with the relevant authorities.
"Our member banks have stepped up their vigilance and enhanced security, and will continue to monitor and take preventive measures as necessary to protect customers' data and safeguard their money in the banks," ABM said.
ABM said the public is welcome to contact its ABMConnect hotline 1-300-88-9980 or mail by logging on to its website, www.abm.org.my.
Selangor police today confirmed that 10 ATMs of two banks have been hacked in Selangor thus far. Last week alone, five cases were reported in Johor and Selangor.
A spokesman of the country's largest bank, Malayan Banking Bhd, said that it has conducted thorough checks and confirms that its machines are not affected.
"Maybank continues to take the necessary precautions and security measures to ensure that all its machines remain safe and protected from such ATM hacks," the bank said in response to queries sent by theSun.
No other banks have responded as at press time.
Meanwhile, police today released images of four suspects believed to be Latin Americans from footage retrieved from closed-circuit security cameras at affected banks.